Authorization and Authentication

[MOHANKUMAR-IT]

im building p2p for private network, have implemented custom SecureTransport that uses certificate signed by self signed certificate and check if other peers certificate contains this self signed certificate in its chains i.e RootCA else it denies the connection.
Now the certificates still needs to kept safe else some actor with a compromised system can get the certificate and get into the network.

any ideas how i can secure the network here , we should secure both internal (compromised system) and external attacks .